Should I block it?
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections
PE file structure |
Import table
mscoree.dll
DllMain
WebCakeDesktop.exe
Desktop by Web Cake (Signed)
Version: | 1.0.0.1 |
MD5: | 918007c1311c833b58f50b59b454266d |
SHA1: | c7759e1f0d3ad2530280372d806703390469b07c |
SHA256: | d41f20af6d1664bedc12df152849bc058d31d9563b9fa973b71bcceee17edb80 |
Warning: 24 antivirus scanners have detected malware.
Overview
webcakedesktop.exe is malware that runs as a process with the local user's privileges, usually within the context of Windows Explorer. It is configured to run when the PC boots and the user logs into Windows (it is added to the Run registry key for the current user). The assembly uses the .NET runtime framework, which must be installed on the PC. The file is digitally signed by Web Cake, with a certificate issued by the VeriSign certificate authority (CA).
Details
File name: | webcakedesktop.exe |
Publisher: | Bake Cake |
Product name: | Desktop |
Typical file path: | C:\users\user\appdata\roaming\betcat\webcakedesktop.exe |
File version: | 1.0.0.1 |
Size: | 51.27 KB (52,504 bytes) |
Build date: | 7/25/2013 10:29 PM |
Certificate |
Issued to: | Web Cake |
Authority (CA): | VeriSign |
Effective date: | Tuesday, April 9, 2013 |
Expiration date: | Friday, April 10, 2015 |
Digital DNA |
File packed: | No |
Code language: | Microsoft Visual C# / Basic .NET |
.NET CLR: | Yes |
.NET NGENed: | No |
Behaviors
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'WebCake Desktop' → C:\users\user\appdata\Roaming\Betcat\WebCakeDesktop.exe
Network connections
[TCP] 8.25.35.63:443
Malware detections
Based on 40+ industry antivirus scanners, 24 of them detected the following malware.
Antivirus engine | Engine version | Detection |
Antiy Labs AVL | 2.0.3.7 | AdWare/Win32.WebCake |
avast! | 8.0.1489.320 | Win32:Webcake-A [Adw] |
AVG | 13.0.0.3169 | AdInject.WebCake |
BitDefender | 7.2 | Adware.WebCake.B |
CAT Quick Heal | 10.13.12.00 | Adware.WebCake.a (Not a Virus) |
Comodo Internet Security | 17073 | Application.Win32.AdWare.Webcake.~A |
Dr.Web | 8.13.10.8 | Adware.WebCake.2 |
Emsisoft Anti-Malware | 3.0.0.589 | Adware.WebCake.B (B) |
ESET NOD32 | 7.8891 | MSIL/WebCake.A |
Fortinet | 5.1.147.0 | Adware/WebCake |
F-Secure | 11.0.19100.45 | Adware.WebCake.B |
G Data | 13.10.22 | Adware.WebCake.B |
Kaspersky | 9.0.0.837 | not-a-virus:AdWare.Win32.WebCake.a |
Kingsoft | 2013.4.9.267 | Win32.Troj.WebCake.a.(kcloud) |
Malwarebytes | 1.75.0.1 | PUP.WebCake.A |
Microsoft Security Essentials | 1.9901.0 | Adware:Win32/WebCake |
eScan by MicroWorld | 12.0.250.0 | Adware.WebCake.B |
nProtect | 2013-10-08.04 | Adware.WebCake.C |
Panda Antivirus | 10.0.3.5 | Adware/WebCake |
PC Tools | 9.0.0.2 | SecurityRisk.WebCake |
Symantec | 20131.1.5.61 | WebCake |
Vba32 AntiVirus | 3.12.24.3 | AdWare.WebCake |
VIPRE Antivirus | 22200 | Yontoo (fs) |
ViRobot | 2011.4.7.4223 | Adware.WebCake.52504 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00319123% | |
Kernel CPU: | 0.00232917% | |
User CPU: | 0.00086206% | |
Kernel CPU time: | 1,742 ms/min | |
CPU cycles: | 2,146,897/sec | |
Memory |
Private memory: | 36.65 MB | |
Private (maximum): | 27.89 MB | |
Private (minimum): | 9.57 MB | |
Non-paged memory: | 36.65 MB | |
Virtual memory: | 211.15 MB | |
Virtual memory (peak): | 218.56 MB | |
Working set: | 11.39 MB | |
Working set (peak): | 35.22 MB | |
Page faults: | 71,552/min | |
I/O |
I/O read transfer: | 15.76 KB/sec | |
I/O read operations: | 2/sec | |
I/O write transfer: | 30 Bytes/sec | |
I/O write operations: | 1/sec | |
I/O other transfer: | 1.17 KB/sec | |
I/O other operations: | 76/sec | |
Resource allocations |
Threads: | 19 | |
Handles: | 1008 | |
GUI GDI count: | 6 | |
GUI GDI peak: | 7 | |
GUI USER count: | 2 | |
GUI USER peak: | 3 | |
Process properties
Threads
Averages
mscorwks.dll |
Total CPU: | 0.00375533% | |
Kernel CPU: | 0.00042837% | |
User CPU: | 0.00332696% | |
CPU cycles: | 87,822/sec | |
Memory: | 5.67 MB | |
WebCakeDesktop.exe (main module) |
Total CPU: | 0.00241146% | |
Kernel CPU: | 0.00063747% | |
User CPU: | 0.00177399% | |
CPU cycles: | 46,921/sec | |
Memory: | 72 KB | |
ntdll.dll |
Total CPU: | 0.00147226% | |
Kernel CPU: | 0.00110420% | |
User CPU: | 0.00036807% | |
CPU cycles: | 64,114/sec | |
Memory: | 1.66 MB | |
Common loaded modules
These are modules that are typically loaded within the context of this process.
Distribution by Windows OS
OS version | distribution |
Windows 7 Professional | 100.00% |
Distribution by country
Ireland installs about 66.67% of Desktop.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Acer | 66.67% |
Hewlett-Packard | 33.33% |